Appl. No. 10/668,867 
Amdt. dated May 30, 2 007 

Reply to Office Action of March 7, 2007 

This listing of claims replaces all prior versions, 
and listings of claims in the instant application: 

Listing of Claims: 

1. (Currently Amended) A method for digital content 
access control, comprising: 

sending , by a user device to a content 
provisioner , a digital content request comprising a 
request for digital content; 

receiving , from said content provisioner by said 
user' device, an authenticated digital content request 
in response to said sending said digital content 
request ; 

sending , by said user device, said authenticated 
digital content request including one or more delivery 
parameters to a content repository that provides* 
storage for said digital content, said one or more 
delivery parameters identifying a target device to 
receive digital content referenced by said 
authenticated digital content request; 

receiving , from said content repository by said 
user device, encrypted digital content in response to 
said sending said authenticated digital content 
request; and 

sending , by said user device, said encrypted 
digital content to said target device, said target 
device for decrypting said encrypted digital content 
to create decrypted digital content and for rendering 
said decrypted digital content on said target device. 

2. (Original) The method of claim 1 wherein 

said digital content request comprises a 
Universal Resource Locator (URL) ; and 

said authenticated digital content request 
comprises a tokenized URL. 
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3. (Original) The method of claim 2 wherein said 
tokenized URL further comprises a token comprising a 
cryptogram based at least in part on an identifier that 
describes the location of said digital content. 

4. (Original) The method of claim 3, further 
comprising sending said token to said target device. 

5. (Original) The method of claim 3 wherein said 
token is from a token pool associated with the location of 
digital content for which access is authorized. 

6. (Original) The method of claim 1 wherein said one 
or more delivery parameters comprises a serial number 
uniquely identifying said target device. 

7. (Original) The method of claim 1 wherein said one 
or more delivery parameters comprises a master key 
indicator for use in decrypting an encrypted form of said 
digital content . 

8. (Original) The method of claim 1 wherein said one 
or more delivery parameters comprises a key derivation 
process indicator for use in deriving a cryptographic key 
for decrypting an encrypted form of said digital content. 

9. (Original) The method of claim 1 wherein said one 
or more delivery parameters comprises a cryptographic 
process indicator that specifies a cryptographic process 
supported by said target device. 

10. (Currently Amended) A program storage device 
readable by a machine, embodying a program of instructions 
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executable by the machine to perform a method for digital 
content access control, the method comprising: 
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sending / by a user device to a content 
provi s ioner , a digital content request comprising a 
request for digital content ; 

receiving , from said content provisioner by said 
user device, an authenticated digital content request 
in response to said sending said digital content 
request ; 

sending , by said user device, said authenticated 
digital content request including one or more delivery 
parameters to a content repository that provides 
storage for said digital content, said one or more 
delivery parameters identifying a target device to 
receive digital content referenced by said 
authenticated digital content request; 

receiving , from said content repository by said 
user device, encrypted digital content in response to 
said sending said authenticated digital content 
request; and 

sending , by said user device, said encrypted 
digital content to said target device, said target 
device for decrypting said encrypted digital content 
to create decrypted digital content and for rendering 
said decrypted digital content on said target device. 

11. (Original) The program storage device of claim 

10 wherein 

said digital content request comprises a 
Universal Resource Locator (URL) ; and 

said authenticated digital content request 
comprises a tokenized URL. 

12. (Original) The program storage device of claim 

11 wherein said tokenized URL further comprises a token 
comprising a cryptogram based at least in part on an 
identifier that describes the location of said digital 
content . 
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13. (Original) The program storage device of claim 
12, further comprising sending said token to said target 
device . 

14. (Original) The program storage device of claim 
12 wherein said token is from a token pool associated with 
the location of digital content for which access is 
authorized . 

15. (Original) The program storage device of claim 
10 wherein said one or more delivery parameters comprises a 
serial number uniquely identifying said target device. 

16. (Original) The program storage device of claim 
10 wherein said one or more delivery parameters comprises a 
master key indicator for use in decrypting an encrypted 
form of said digital content . 

17. (Original) The program storage device of claim 
10 wherein said one or more delivery parameters comprises a 
key derivation process indicator for use in deriving a 
cryptographic key for decrypting an encrypted form of said 
digital content. 

18. (Original) The program storage device of claim 
10 wherein said one or more delivery parameters comprises a 
cryptographic process indicator that specifies a 
cryptographic process supported by said target device. 
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19. (Currently Amended) An apparatus for digital 
content access control, comprising: 

means for sending , by a user device to a content 
provisioner , a digital content request comprising a 
request for digital content; 

means for receiving , from said content 
provisioner by said user device, an authenticated 
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digital content request in response to said sending 
said digital content request; 

means for sending / by said user device, said • 
authenticated digital content request including one or 
more delivery parameters to a content repository that 
provides storage for said digital content, said one or 
more delivery parameters identifying a target device 
to receive digital content referenced by said 
authenticated digital content request; 

means for receiving , from said content repository 
by said user device, encrypted digital content in 
response to said sending said authenticated digital 
content request ; and 

means for sending , by said user device, said 
encrypted digital content to said target device, said 
target device for decrypting said encrypted digital 
content to create decrypted digital content and for 
rendering said decrypted digital content on said 
target device. 

20. (Original) The apparatus of claim 19 wherein 
said digital content request comprises a 

Universal Resource Locator (URL) ; and 

said authenticated digital content request 
comprises a tokenized URL. 

21. (Original) The apparatus of claim 20 wherein 
said tokenized URL further comprises a token comprising a 
cryptogram based at least in part on an identifier that 
describes the location of said digital content. 
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22. (Original) The apparatus of claim 21, further 
comprising means for sending said token to said target 
device . 
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23. (Original) The apparatus of claim 21 wherein 
said token is from a token pool associated with the 
location of digital content for which access is authorized. 

24. (Original) The apparatus of claim 19 wherein 
said one or more delivery parameters comprises a serial 
number uniquely identifying said target device. 

25. (Original) The apparatus of claim 19 wherein 
said one or more delivery parameters comprises a master key 
indicator for use in decrypting an encrypted form of said 
digital content. 

26. (Original) The apparatus of claim 19 wherein 
said one or more delivery parameters comprises a key 
derivation process indicator for use in deriving a 
cryptographic key for decrypting an encrypted form of said 
digital content. 

27. (Original) The apparatus of claim 19 wherein 
said one or more delivery parameters comprises a 
cryptographic process indicator that specifies a 
cryptographic process supported by said target device. 

28. (Currently Amended) An apparatus for digital 
content access control, the apparatus comprising: 



a memory for storing said digital content; and 
a processor configured to: 

send , by a user device to a content 
provisioner, a digital content request comprising 
a request for digital content; 

receive , from said content provisioner by 
said user device, an authenticated digital 
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content request in response to said sending said 
digital content request; 



send , by said user device, said 
authenticated digital content request including 
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one or more delivery parameters to a content 
repository that provides storage for said digital 
content, said one or more delivery parameters 
identifying a target device to receive digital 
content referenced by said authenticated digital 
content request; 

receive , from said content repository by 
said user device, encrypted digital content in 
response to said sending said authenticated 
digital content request; and 

send , by said user device, said encrypted 
digital content to said target device, said 
target device for decrypting said encrypted 
digital content to create decrypted digital 
content and for rendering said decrypted digital 
content on said target device.. 

29. (Original) The apparatus of claim 28 wherein 
said processor is further configured to receive said 
digital content in response to said authenticated digital 
content request . 

30. (Original) The apparatus of claim 28 wherein 
said apparatus comprises a smart card. 

31. (Original) The apparatus of claim 30 wherein 
said smart card comprises a Java Card™ technology-enabled 
smart card. 



32. (Original) The apparatus of claim 30 wherein 
said smart card comprises a CDMA (Code Division Multiple 
Access) technology-enabled smart card. 
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33. (Original) The apparatus of claim 30 wherein 
said smart card comprises a SIM (Subscriber Identity 
Module) card. 
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34. (Original) The apparatus of claim 30 wherein 
said smart card comprises a WIM (Wireless Interface 
Module) . 

35. (Currently Amended) A method for digital content 
access control, comprising: 

receiving , by a target device, a token comprising 
a cryptogram based at least in part on an identifier 
that describes the location of said digital content; 

preparing , on said target device, a session key, 
said preparing comprising applying a cryptographic 
process to a key based at least in part on said token 
together with a target key to create said session key, 
said target key based at least in part on a master key 
and a target ID, said target ID identifying a target 
device; 

receiving , on said target device, encrypted 
digital content; 

decrypting , on said target device, said encrypted 
digital content using said session key to create 
decrypted digital content; and 

rendering , on said target device, said decrypted 
digital content. 

36. (Original) The method of claim 35 wherein said 
preparing is performed on a smart card. 

37. (Original) The method of claim 35 wherein said 
token is from a token pool associated with the location of 
digital content for which access is authorized. 
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38. (Currently Amended) A method for digital content 
access control, comprising: 

receiving , on a target device, a tokenized URL 
comprising a token having a cryptogram based at least 
in part on an identifier that describes the location 
of said digital content; 
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preparing , on said target device, a session key, 
said preparing comprising applying a cryptographic 
process to a key based at least in part on said token 
together with a target key to create said session key, 
said target key based at least in part on a master key 
and a target ID, said target ID identifying a target 
device ; 

receiving , on said target device, encrypted 
digital content; 

decrypting , on said target device, said encrypted 
digital content using said session key to create 
decrypted digital content; and 

rendering , on said target device, said decrypted 
digital content. 

39. (Original) The method of claim 38 wherein said 
preparing is performed on a smart card. 

40. (Original) The method of claim 38 wherein said 
token is from a token pool associated with the location of 
digital content for which access is authorized. 

41. (Currently Amended) A program storage device 
readable by a machine, embodying a program of instructions 
executable by the machine to perform a method for digital 
content access control, the method comprising: 

receiving , by a target device, a token comprising 
a cryptogram based at least in part on an identifier 
that describes the location of said digital content; 

preparing , on said target device, a session key, 
said preparing comprising applying a cryptographic 
process to a key based at least in part on said token 
together with a target key to create said session key, 
said target key based at least in part on a master key 
and a target ID, said target ID identifying a target 
device ; 



Page 16 of 3 0 



Appl. No. 10/668,867 
Amdt. dated May 30, 2007 

Reply to Office Action of March 7, 2007 



receiving , on said target device, encrypted 
digital content; 

decrypting , on said target device, said encrypted 
digital content using said session key to create 
decrypted digital content; and 

rendering , on said target device, said decrypted 
digital content. 

42. (Original) The program storage device of claim 
41 wherein said preparing is performed on a smart card. 

43. (Original) The program storage device of claim 
41 wherein said token is from a token pool associated with 
the location of digital content for which access is 
authorized. 
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44. (Currently Amended) A program storage device 
readable by a machine, embodying a program of instructions 
executable by the machine to perform a method for digital 
content access control, the method comprising: 

receiving , on a target device, a tokenized URL 
comprising a token having a cryptogram based at least 
in part on an identifier that describes the location 
of said digital content ; 

preparing , on said target device, a session key, 
said preparing comprising applying a cryptographic 
process to a key based at least in part on said token 
together with a target key to create said session key, 
said target key based at least in part on a master key 
and a target ID, said target ID identifying a target 
device; 

receiving , on said target device, encrypted 
digital content; 

decrypting , on said target device, said encrypted 
digital content using said session key to create 
decrypted digital content; and 
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rendering , on said target device, said decrypted 
digital content. 

45. (Original) The program storage device of claim 
44 wherein said preparing is performed on a smart card. 

46. (Original) The program storage device of claim 
44 wherein said token is from a token pool associated with 
the location of digital content for which access is 
authorized . 



47. (Currently Amended) An apparatus for digital 
content access control, comprising: 

means for receiving , by a target device, a token 
comprising a cryptogram based at least in part on an 
identifier that describes the location of said digital 
content; 

means for preparing , on said target device, a 
session key, said preparing comprising applying a 
cryptographic process to a key based at least in part 
on said token together with a target key to create 
said session key, said target key based at least in 
part on a master key and a target ID, said target ID 
identifying a target device; 

means for receiving , on said target device, 
encrypted digital content; 

means for decrypting , on said target device, said 
encrypted digital content using said session key to 
create decrypted digital content; and 

means for rendering , on said target device, said 
decrypted digital content. 
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48. (Original) The apparatus of claim 47 wherein 
said means for preparing comprises a smart card. 
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49. (Original) The apparatus of claim 4 7 wherein 
said token is from a token pool associated with the 
location of digital content for which access is authorized. 

50. (Currently Amended) An apparatus for digital 
content access control, comprising: 

means for receiving , on a target device, a 
tokenized URL comprising a token having a cryptogram 
based at least in part on an identifier that describes 
the location of said digital content ; 

means for preparing , on said target device, a 
session key, said preparing comprising applying a 
cryptographic process to a key based at least in part 
on said token together with a target key to create 
said session key, said target key based at least in 
part on a master key and a target ID, said target ID 
identifying a target device; 

means for receiving , on said target device, 
encrypted digital content ; 

means for decrypting , on said target device, said 
encrypted digital content using said session key to 
create decrypted digital content; and 

means for rendering , on said target device, said 
decrypted digital content . 

51. (Original) The apparatus of claim 50 wherein 
said means for preparing comprises a smart card. 

52. (Original) The apparatus of claim 50 wherein 
said token is from a token pool associated with the 
location of digital content for which access is authorized. 

53. (Currently Amended) An apparatus for digital 
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content access control, the apparatus comprising: 

a memory for storing said digital content; and 
a processor, of a target device, configured to: 
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receive , by said target device, a token 
comprising a cryptogram based at least in part on 
an identifier that describes the location of said 
digital content ; 

prepare , on said target device, a session 
key, said preparing comprising applying a 
cryptographic process to a key based at least in 
part on said token together with a target key to 
create said session key, said target key based at 
least in part on a master key and a target ID, 
said target ID identifying a target device; 

receive , on said target device, encrypted 
digital content; 

decrypt , on said target device, said 
encrypted digital content using said session key 
to create decrypted digital content; and 

render , on said target device, said 
decrypted digital content. 



• 54. (Original) The apparatus of claim 53 wherein 
said apparatus comprises a smart card. 

55. (Original) The apparatus of claim 54 wherein 
said smart card comprises a Java Card™ technology-enabled 
smart card. 



56. (Original) The apparatus of claim 54 wherein 
said smart card comprises a CDMA (Code Division Multiple 
Access) technology- enabled smart card. 
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57. (Original) The apparatus of claim 54 wherein 
said smart card comprises a SIM (Subscriber Identity 
Module) card. 

58. (Original) The apparatus of claim 54 wherein 
said smart card comprises a WIM (Wireless Interface 
Module) . 
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